This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/496bba-a6a3-4dd3-8f86-3cbb5e877791/1/kIHklMXqFB3plTjcytHieJh2B-M.roa
File:                     kIHklMXqFB3plTjcytHieJh2B-M.roa (raw, json)
Hash identifier:          ZoF+jtSa09y4vfpn8Xs04s6mctTJ+GrzJPmzo0cvvKE=
Subject key identifier:   90:81:E4:94:C5:EA:14:1D:E9:95:38:DC:CA:D1:E2:78:98:76:07:E3
Certificate issuer:       /CN=e0b54e33422ad3dd6ca93a18edd82e0b68c85a5c
Certificate serial:       019B76EAE7DB4200229E634E7E43B0A34695
Authority key identifier: E0:B5:4E:33:42:2A:D3:DD:6C:A9:3A:18:ED:D8:2E:0B:68:C8:5A:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4LVOM0Iq091sqToY7dguC2jIWlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/496bba-a6a3-4dd3-8f86-3cbb5e877791/1/kIHklMXqFB3plTjcytHieJh2B-M.roa
Signing time:             Thu 01 Jan 2026 00:17:44 +0000
ROA not before:           Thu 01 Jan 2026 00:17:44 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     21060
IP address blocks:        193.105.44.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/496bba-a6a3-4dd3-8f86-3cbb5e877791/1/4LVOM0Iq091sqToY7dguC2jIWlw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/496bba-a6a3-4dd3-8f86-3cbb5e877791/1/4LVOM0Iq091sqToY7dguC2jIWlw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4LVOM0Iq091sqToY7dguC2jIWlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:ea:e7:db:42:00:22:9e:63:4e:7e:43:b0:a3:46:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0b54e33422ad3dd6ca93a18edd82e0b68c85a5c
        Validity
            Not Before: Jan  1 00:17:44 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=9081e494c5ea141de99538dccad1e278987607e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:52:f0:16:f4:6b:f6:73:c6:c4:16:65:e9:da:
                    83:46:88:55:2c:c1:44:66:09:e7:6a:f2:b1:46:40:
                    c6:c9:6f:82:7c:e3:f3:3b:29:39:1a:89:d2:9a:3a:
                    32:03:cb:9c:b1:68:81:64:4f:a6:da:00:11:16:d8:
                    b5:01:f9:4f:4b:70:13:72:52:fd:c9:ed:8f:9e:7f:
                    2d:f2:8b:a4:6e:0c:f7:ef:e8:5c:5d:52:10:d7:e4:
                    a1:a7:e0:16:f1:f2:de:19:ad:3d:95:7f:9d:3e:d1:
                    e0:5f:87:08:4c:f3:88:13:dc:f1:f9:37:eb:03:9e:
                    75:8a:9d:e9:94:91:4c:bc:6b:a2:9c:d2:67:a3:1d:
                    4e:fe:03:28:d1:3f:a6:a4:58:f1:83:e3:bf:6b:3a:
                    71:7d:31:5d:fe:13:b3:12:d4:e3:a8:a7:93:c4:85:
                    98:73:0c:64:b1:ed:45:4d:c4:10:9d:c2:0e:aa:6c:
                    49:f6:8c:25:66:5b:0d:59:49:60:98:39:bc:3e:72:
                    a4:a6:be:80:9e:1d:f1:a7:d5:c7:ef:ca:2d:e5:fc:
                    7a:42:bb:53:df:2c:60:c0:44:25:80:49:8d:05:87:
                    59:d9:62:67:7d:b1:19:bd:1a:ca:d4:ff:92:fb:97:
                    08:86:6b:df:2a:a2:4e:fa:b3:1c:ef:74:f8:cb:45:
                    97:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:81:E4:94:C5:EA:14:1D:E9:95:38:DC:CA:D1:E2:78:98:76:07:E3
            X509v3 Authority Key Identifier:
                keyid:E0:B5:4E:33:42:2A:D3:DD:6C:A9:3A:18:ED:D8:2E:0B:68:C8:5A:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4LVOM0Iq091sqToY7dguC2jIWlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/496bba-a6a3-4dd3-8f86-3cbb5e877791/1/kIHklMXqFB3plTjcytHieJh2B-M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/496bba-a6a3-4dd3-8f86-3cbb5e877791/1/4LVOM0Iq091sqToY7dguC2jIWlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.105.44.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:47:dd:0f:8f:22:3c:30:e9:5a:c4:cf:ee:4a:6e:95:87:7a:
         ac:09:f4:ff:a6:b2:36:a1:93:c2:cb:ac:59:11:25:01:2f:9c:
         70:a3:c4:c7:f6:16:f7:db:01:1a:67:c3:d1:ca:6f:06:e8:5c:
         ff:c9:00:91:e5:e9:23:f7:9f:52:1b:de:ab:1d:96:2b:c1:d1:
         6a:b4:d5:0b:c5:3f:09:47:cf:cc:c8:7c:80:a3:b0:51:21:ed:
         ee:1c:6d:07:8c:2b:1b:b9:6a:22:20:8b:e9:a8:11:ad:84:d6:
         88:6f:e9:ab:cd:f7:b9:60:8f:28:35:fb:e2:5f:c2:65:1a:4c:
         e7:ab:03:ba:b0:fe:3f:86:3e:94:2b:73:7f:26:24:50:25:26:
         5c:97:c2:c3:b7:0a:1d:6f:c6:39:81:c4:0d:74:1b:41:96:96:
         f3:c5:4e:27:93:ff:55:1c:73:44:0a:b8:41:b6:86:66:e3:86:
         9b:c9:3a:88:b7:44:99:56:74:71:4e:5d:f6:e7:48:ea:6d:45:
         bb:3c:32:84:59:67:f2:59:5b:c0:65:22:bd:e4:d3:2f:f5:72:
         17:d9:96:47:a8:b7:a9:ff:be:af:6b:49:8e:de:87:cd:f1:64:
         58:6b:47:b8:14:f8:2a:4f:74:ea:63:c6:03:2c:b8:73:c1:f1:
         12:6b:25:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt26ufbQgAinmNOfkOwo0aVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYjU0ZTMzNDIyYWQzZGQ2Y2E5M2ExOGVkZDgyZTBiNjhj
ODVhNWMwHhcNMjYwMTAxMDAxNzQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDgxZTQ5NGM1ZWExNDFkZTk5NTM4ZGNjYWQxZTI3ODk4NzYwN2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFLwFvRr9nPGxBZl6dqDRohVLMFE
ZgnnavKxRkDGyW+CfOPzOyk5GonSmjoyA8ucsWiBZE+m2gARFti1AflPS3ATclL9
ye2Pnn8t8oukbgz37+hcXVIQ1+Shp+AW8fLeGa09lX+dPtHgX4cITPOIE9zx+Tfr
A551ip3plJFMvGuinNJnox1O/gMo0T+mpFjxg+O/azpxfTFd/hOzEtTjqKeTxIWY
cwxkse1FTcQQncIOqmxJ9owlZlsNWUlgmDm8PnKkpr6Anh3xp9XH78ot5fx6QrtT
3yxgwEQlgEmNBYdZ2WJnfbEZvRrK1P+S+5cIhmvfKqJO+rMc73T4y0WX0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCB5JTF6hQd6ZU43MrR4niYdgfjMB8GA1UdIwQY
MBaAFOC1TjNCKtPdbKk6GO3YLgtoyFpcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNExWT00wSXEwOTFzcVRvWTdkZ3VDMmpJV2x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC80OTZiYmEtYTZhMy00ZGQzLThmODYt
M2NiYjVlODc3NzkxLzEva0lIa2xNWHFGQjNwbFRqY3l0SGllSmgyQi1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC80OTZiYmEtYTZhMy00ZGQzLThmODYtM2NiYjVlODc3Nzkx
LzEvNExWT00wSXEwOTFzcVRvWTdkZ3VDMmpJV2x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWksMA0G
CSqGSIb3DQEBCwUAA4IBAQAcR90PjyI8MOlaxM/uSm6Vh3qsCfT/prI2oZPCy6xZ
ESUBL5xwo8TH9hb32wEaZ8PRym8G6Fz/yQCR5ekj959SG96rHZYrwdFqtNULxT8J
R8/MyHyAo7BRIe3uHG0HjCsbuWoiIIvpqBGthNaIb+mrzfe5YI8oNfviX8JlGkzn
qwO6sP4/hj6UK3N/JiRQJSZcl8LDtwodb8Y5gcQNdBtBlpbzxU4nk/9VHHNECrhB
toZm44abyTqIt0SZVnRxTl3250jqbUW7PDKEWWfyWVvAZSK95NMv9XIX2ZZHqLep
/76va0mO3ofN8WRYa0e4FPgqT3TqY8YDLLhzwfESayV8
-----END CERTIFICATE-----